You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

It's better to print out the next instructions or save it in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then.It is also important you don't miss a step and perform everything in the right order!!

Next to the 'scriptfile to execute'-window you'll see a little icon as shown in next picture: When you click that icon, a little window will open that says: 'Please enter the full URL to the sript you want to execute'In the field, copy and paste next URL:

http://downloads.subratam.org/BFUscripts/igetnetfreepod.BFU

Click OkThen click execute in Brute Force Uninstaller.

Wait for the complete script execution box to popup and press OK.Press exit to terminate the BFU program.

REBOOT!!!

* Please set your system to show all files; please see here if you're unsure how to do this.

* Reboot into Safe Mode`: ( without networking support !)įTo get into the Safe mode as the computer is booting press and hold your "F8 Key". Use your arrow keys to move to "Safe Mode" and press your Enter key.

* Once in Safe Mode, please double-click aproposfix.exe.This will create a new folder on your desktop called aproposfix. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

I can't stress enough how important it is this has to be performed in safe mode, because this infection is only visible in safe mode.

Still in safe mode...

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

* Click Complete System Scan and the scan will begin. * During the scan it will prompt you to clean files, click OK * When the scan is finished, look at the bottom of the screen and click the Save report button. * Save the report to your desktop

Open the FindQoologic folder. Preferable to your desktop.Locate and double-click the Find-Qoologic.bat file to run it.Choose option 1 for Run Findqoologic by typing 1 and pressing enter.This will scan your system. Wait until a text opens.Post this in your next reply together with a fresh HijackThis log, the entire contents of the log.txt file in the aproposfix folder. and the log from ewido so I can take another look.